Passwords are a pain. Your everyday password is vulnerable to being forgotten; passwords in high-security situations are vulnerable to being extracted by “rubber hose cryptography” or, more colloquially, torture. An article last week in the MIT Technology Review detailed an innovative new fix for both problems being developed by researchers at Stanford and Northwestern: a passcode that sits safely in your unconscious, which makes it hard to forget and even harder for interrogators to extract.
The idea, which was presented last year at the USENIX cybersecurity conference, sounds like something out of the movie “Inception.” The researchers use “implicit learning”—the same kind of learning we employ to learn to ride a bike or swing a tennis racket—to implant a passcode in a user’s brain. The user is then able to reproduce the code without actually knowing what it is, in the same way that, once learned, you’re unlikely to forget how to ride a bike even if you can’t really explain how you do it.